Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 24th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2018 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at

Please visit the sponsor!
Please visit the sponsor!

The race to secure your computer

17 January 2018

There's an extremely important race going on right now.

It's a race to secure almost every single computer on the planet against hacking attacks that allow evil little sods and state-funded actors to rape your system of valuable data such as passwords and other sensitive information.

This race has come about due to the discovery of several critical vulnerabilities in most of the common CPUs manufactured over the past decade or so.

Black-hats are doubtlessly toiling away day and night to perfect exploits that will leverage these vulnerabilities to gain access to almost any computer they want -- while researchers are valiantly (but not successfully) trying to come up with ways to mitigate these vulnerabilities in a way that won't cripple those computers.

It really is a battle of good versus evil.

Unfortunately, it's still not clear who's going to win.

Why am I skeptical?

Well it seems that in the rush to get these patches out, manufacturers have encountered quite a few instances where they either impose a huge performance hit or the target system simply stops working.

Tech site arstechnica is reporting that the patches have created problems with drivers and microcode execution resulting in unstable operation. To this end, Intel has recommended that people stop installing the microcode updates it has released for some processor families.

For its part, Microsoft's patches have caused issue with anti-virus software and a number of industrial systems have had issues as a result of the patch for the Meltdown bug.

Microsoft's patch for AMD systems was withdrawn after it rendered some computers unable to boot.

Meanwhile, researchers have demonstrated "proof of concept" exploits that can be launched via Javascript -- something that might make it possible for any website to start plucking passwords, cookies and other confidential bits of critical data from your system if you are unfortunate enough to land on one of their pages.

There are no reports of actual attacks using these new CPU vulnerabilities but we all know that it's now just a matter of time.

I shudder to think of the implications if the blackhats are able to develop widespread exploits before Intel and the other CPU manufacturers have solid, robust, effective patches in place.

While all this is going on, I hark back to my own strategy for boosting security...

I believe that everyone should have a machine they set aside for websurfing. This machine should never be used for anything critical such as online banking. The purpose of this computer is simply to allow you to visit websites without fear of being hacked, hit by ransomware or otherwise attacked. You do not use this machine to store important data or visit important trusted websites.

If the worst happens, this machine can be wiped and reinstalled without breaking a sweat or losing a thing.

All that important and sensitive stuff is done on another machine which is kept fully patched and is only used for off-line tasks and for visiting the very few "trusted" websites that require security. Online banking and other activities can be performed on this machine and it is connected to the Net on an "as needed" basis. What's more, you run ad-blocking software, do not install Flash and never visit unknown and untrusted sites on this hardware.

Okay, my strategy isn't 100% guaranteed to protect you from being hit but it can significantly reduce your exposure and the amount of damage that a hit could create.

With old PCs costing virtually nothing and running very well on Linux, that "surfing" machine won't cost you much and you can even get a cheap burner phone if mobile is your chosen Net-access tool.

And, before you say "but I just run a VM", have you read this? Even virtual machines are no guarantee of safety.

Right now I'm wondering exactly how most people and businesses will cope if the black-hats get a powerful exploit out and it becomes widely distributed before the CPU and OS makers have time to properly address the vulnerability.

The big problem many small online enterprises will face is not on their own systems but on that used by their web-hosting companies. The Spectre and Meltdown bugs effectively remove the walls between websites on shared servers, potentially allowing anyone with the right code to gain access to some key data on those sites.

Could this effectively bring the Net to its knees, at least for the purposes of commerce and personal banking?

Who's worried and what are you doing to try and manage the very real risk?

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column

Rank This Aardvark Page


Change Font

Sci-Tech headlines



Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam


Recent Columns

Free software, smack my gob again!
Software can be expensive... very expensive...

Why EVs might cripple New Zealand
Electric vehicles (EVs) look set to take over from dino-juiced personal transport within the next decade or so...

Is the next-tech beyond hobbyists?
I'm a lucky guy...

Are we overdue for another global pandemic?
It's been almost exactly 100 years since the last global pandemic swept the world and killed millions...

Here come the Johnny Cabs
I'm sure all Aardvark readers have already heard the recorded conversation between a hair-dressing salon receptionist and Google's AI "bot". If not, go search for it and listen...

Here comes the big one?
The mainscream media is at it again...

Fast enough for me
A couple of months ago, I splashed out on a new PC...

Yes, time travel is possible!
Stephen Hawking has invited time travelers to his memorial service...

The most ambitious Mars mission yet?
There have been some pretty impressive attempts to do science on the Red Planet in recent decades and I for one have just loved the results...

A life-changing gift
I read a story in today's Stuff about service stations, and how they rob you blind each time you fill up your car, by selling you confectionery, pies,coffee and other impulse-purchase products at highly inflated prices...

Audiophools on the loose again
Do you remember listening to your first compact audio disk and being appalled by the thinness of the sound, the lack of richness and the clearly audible encoding artifacts?...